General
- Target: ExtremeDeath.zip
- Size: 869KB
- Sample: 241009-kp12nazhlq
- MD5: 80bf076cf31615750f7416d3bc7bb87f
- SHA1: 8b63084e104752100b0bdc9eb4d2ff9864557e90
- SHA256: 8509174c6b51296ac8a43d08dc773c48fa10b86c9ff7095c4f80bba31966ea1d
- SHA512: 733374e03c4fe4345c2a6f8de500f62de5c9e5541561dd257d8ef004c3d12ab43797079c043be5896b8e5530735154deba3934dfd36ca9515feaeb4bb651ae34
- SSDEEP: 24576:krJsEu0J4kijb3rOL6FryBXyXD0g/HsLPY:SJsE/kaL6GsDp/HsLPY
Behavioral tasks
- behavioral1: sample ExtremeDeath.zip, resource win7-20240903-en
- behavioral2: sample ExtremeDeath.zip, resource win10v2004-20241007-en
- behavioral3: sample ExtremeDeath.cmd, resource win7-20240903-en
- behavioral4: sample ExtremeDeath.cmd, resource win10v2004-20241007-en
- behavioral5: sample ExtremeDeath.exe, resource win7-20240704-en
- behavioral6: sample ExtremeDeath.exe, resource win10v2004-20241007-en
- behavioral7: sample readme.txt, resource win7-20240903-en
- behavioral8: sample readme.txt, resource win10v2004-20241007-en
Malware Config

Targets

Target: ExtremeDeath.zip
- Size: 869KB
- MD5: 80bf076cf31615750f7416d3bc7bb87f
- SHA1: 8b63084e104752100b0bdc9eb4d2ff9864557e90
- SHA256: 8509174c6b51296ac8a43d08dc773c48fa10b86c9ff7095c4f80bba31966ea1d
- SHA512: 733374e03c4fe4345c2a6f8de500f62de5c9e5541561dd257d8ef004c3d12ab43797079c043be5896b8e5530735154deba3934dfd36ca9515feaeb4bb651ae34
- SSDEEP: 24576:krJsEu0J4kijb3rOL6FryBXyXD0g/HsLPY:SJsE/kaL6GsDp/HsLPY
- Score: 1/10
Target: ExtremeDeath.cmd
- Size: 23B
- MD5: 0f0265efa39ac0a42198338653c68d70
- SHA1: bb3c6ab57bb81243929dcfd77667e3bab4b68028
- SHA256: ac76dab10f33d23c89298eddb07d847fb55fe8616657973da8c99d9433cf6a33
- SHA512: d6425173ec02a117865bfc28acc6dfe6e7cc8d0ce44c09c267fa328c6917c76fb2da51298fe32daff15d607e1b3208742b393010f88c8504e3d6bc76769f6dc5
Signatures:
- Disables Task Manager via registry modification
- Possible privilege escalation attempt
- Executes dropped EXE
- Modifies file permissions
- Modifies boot configuration data using bcdedit
- Writes to the Master Boot Record (MBR): bootkits write to the MBR to gain persistence at a level below the operating system.
Target: ExtremeDeath.exe
- Size: 960KB
- MD5: c5beb8a1b7dd11483cfc2f032d2bb861
- SHA1: f4c530d8d8ea1f1d7bbba72218660f6585d3cb41
- SHA256: 6587cb50a483b55754761252903bfa1156f278ebc78a06d7e1fd34d2b09a26f8
- SHA512: 736e866c08e9451473b6ac1566f7173569d015ad232a204d6fc8f216b5edbae0f3adc8e31b91b1caa8f3b43ee9891414c992336f7bfdb32aea2e3c6989527b95
- SSDEEP: 24576:0onJsmu0X4yivb/NOL4FdYJFyTDW4/H8L4:bJsm/oUL48GDt/H8L4
Signatures:
- Disables Task Manager via registry modification
- Possible privilege escalation attempt
- Checks computer location settings: looks up the country code configured in the registry, likely a geofence.
- Executes dropped EXE
- Modifies file permissions
- Modifies boot configuration data using bcdedit
- Writes to the Master Boot Record (MBR): bootkits write to the MBR to gain persistence at a level below the operating system.
Target: readme.txt
- Size: 123B
- MD5: 19c09eedd5e730e9cf034c20561328e2
- SHA1: 0b5713c9a2da0fb345c5617ef7a705055d9e0f7f
- SHA256: 89629b675732a54b0db233eeaf3093061409a8fa8956e9aca32ea9bb97fb9a6b
- SHA512: 54334dfa280f381f0a72f2948c81b717cfdefc35faff04ff8f23b1dfaa7132419cb10feea89b19c7a78159689862a0e0fd54f31bdf401a3c446aa5ea00fb1b6b
- Score: 1/10